REMARKS/ARGUMENTS

1.) Claim Status

Claims 1-23 are pending in the application. The claims have not been amended. 
Favorable reconsideration of the application is respectfully requested in view of the 
following remarks. 

2.) Allowable Subject Matter

The Examiner objected to claims 2-10, 12-15, and 17-22 as being dependent 
upon a rejected base claim but stated they would be allowable if rewritten in 
independent form including all of the limitations of the base claim and any intervening 
claims. The Applicants will delay any amendments until the Examiner has considered 
the following remarks. 

3.) Claim Rejections - 35 U.S.C. § 102(e)

In paragraph 1 of the Office Action, the Examiner rejected claims 1, 11, 16, and 
23 under 35 U.S.C. § 102(e) as being anticipated by Faccin, et al. (US 6,879,690). The 
Applicants respectfully disagree. 

It is noted that Faccin neither discloses sessions established by users, nor 
suggests any problem or solution derived thereof. Additionally, Faccin relates to the 
authentication process, while the claimed invention addresses problems arising after 
authentication is complete. 

Regarding claim 1, Faccin discloses an Authentication, Authorization, and 
Accounting (AAA) server in a packet data network (col. 4, l. 58-60) comprising: means 
for authenticating a user (col. 5, l. 14-15 and 44-48); and means for authorizing a 
service for the user when the user accesses the network (col. 5, l. 14-15, and col. 1, l. 
31-36), as claim 1 recites. 

Attorney Docket No. P17673-US2 
Customer Number 27045 
EUS/GJ/P/07-9104 

However, Faccin fails to disclose an AAA server having means for generating a 
session identity, said session identity comprising a unique random value that is opaque, 
unpredictable, and not simultaneously re-usable, wherein the means for generating a 
session identity includes means for structuring the session identity to include an 
identifier of the AAA server, said AAA server identifier being usable to route queries 
containing the AAA server identifier to the AAA server. 

As noted above, Faccin neither discloses sessions established by users, nor 
suggests any problem or solution derived thereof. On the other hand, the claimed 
invention clearly relates to sessions created when a user is successfully authenticated 
by the system. 

Furthermore, the claimed invention addresses the issue of enabling a client to 
find the AAA server hosting a given user after authentication is complete. To solve this 
issue the claimed invention provides for an AAA server having means for generating a 
structured session identifier that includes an identifier of the AAA server, said AAA 
server identifier being usable to route queries containing the AAA server identifier to the 
AAA server, as recited in claim 1 as presently on file. Thus, any further query involving a 
given session identity can unambiguously be routed to the AAA server holding a 
corresponding session. 

The references made by the Examiner to Faccin's teaching do not teach or 
suggest the above distinguishing features of claim 1. For example, col. 5, lines 1-12 
disclose secure channels with an AAA server in a domain as well as security 
associations for keys transmission. Col. 8, lines 46-59 disclose a generally known 
challenge-based authentication algorithm (Fig. 3) that includes the use of a random 
number and a long term key to produce the same signed response at both entities 
carrying out the authentication procedure (further details can be read in col. 10, lines 
32-67). However, these passages do not have anything to do with a session identifier 
including an identifier of the AAA server, to be further used in determining which is the 
AAA server in charge of this session, and including a random, unique, not reusable, and 
unpredictable value. 

Therefore, claim 1 as presently on file is novel and inventive over Faccin's 
teaching. 

Regarding claims 11 and 16, Faccin discloses a system and a method in a 
packet data network having a plurality of Authentication, Authorization, and Accounting 
(AAA) servers (col. 4, lines 57-60), however, Faccin does not teach or suggest anything 
about routing queries to an appropriate AAA server. In the following, the discussion 
refers to the wording of the system claim 11 and is considered applicable to the method 
claim 16 as well, both claims having corresponding technical features. 

In particular, Faccin discloses on col. 5, lines 1-25 secure channels with an AAA 
server in a domain, security associations for keys transmission, and the needs for a 
prior user authentication and user authorization before gaining IP connectivity to the 
visited domain. In col. 6, lines 12-22, Faccin discloses both AAA home server and 
mobile terminal sharing a common set of algorithms and a common set of keys 
(well-known features to those skilled in the art of challenge-response authentication 
procedures), these algorithms being applicable and usable for mutual authentication 
(authentication of the network by the user and vice versa). These technical features 
disclosed in Faccin do not teach or suggest means for assigning a realm identifier to 
each of the plurality of AAA servers and means for creating a master session in a given 
AAA server, as recited in claim 11, for the purpose of routing queries to the appropriate 
AAA server. This is especially true because the master session is a session created 
when a user has been successfully authenticated by the system, and Faccin neither 
discloses sessions established by users, nor suggests any problem or solution derived 
thereof. 

The Examiner also refers to Fig. 4 of Faccin, which illustrates a 
challenge-response authentication procedure. Col. 8, lines 40-59, describe the submission of the 
challenge from the user and the forwarding between an AAA-client to the AAA-server 
wherein a random number is generated and the algorithm executed to produce the 
challenged result to prove that the entity is the one which it claims to be. That is, the 
citations made by the Examiner refer to features, algorithms, and a common set of keys 
related to the authentication procedure and which have nothing to do with the 
generation of a master session identifier (which occurs after authentication is complete). 

In this respect, the forwarding between AAA-client and AAA-server of an 
authentication challenge as well as the generation of a random number to further 
execute an authentication algorithm to produce an authentication response can by no 
means be interpreted as anticipating the means within the given AAA server for 
generating a master session identity that includes a session reference and the realm 
identifier assigned to the given AAA server, as recited in claim 11. Additionally, Faccin 
does not disclose master sessions simply because the master session is not created 
until having successfully completed the authentication procedure. Therefore, Faccin 
does not teach or suggest the claimed means within the network for routing queries 
based on the master session identity to the given AAA server. 

Therefore, claims 11 and 16 as presently on file are novel and inventive over 
Faccin's teaching. 

Regarding claim 23, Faccin discloses on col. 8, lines 51-59 an AAA server 
generating a random number "RANDTK" and executing the algorithm shared with the 
user equipment using a long term key "SA3" to compute a new pending temporary 
shared key. These and other resulting authentication data are forwarded towards the 
user equipment via an AAA client where similar results are produced to achieve a 
successful authentication. 

As in the above rationale, the citations made by the Examiner refer to features, 
algorithms, and common set of keys related to the authentication procedure and which 
have nothing to do with the generation of a master session identifier (which occurs after 
authentication is complete). Thus, nothing in Faccin anticipates a method of routing 
queries to an appropriate AAA server, the method including the steps of randomly 
generating in each AAA server, a fixed-length realm identifier that uniquely identifies 
each generating AAA server; creating a master session in a given AAA server; 
generating by the given AAA server, a master session identity that includes a session 
reference and the realm identifier that identifies the given AAA server; and routing 
queries containing the master session identity through the network to the given AAA 
server. 

In fact, as noted above, Faccin is silent about sessions created after the user has 
been successfully authenticated by the network and, consequently, nothing in Faccin 
can anticipate the problem of determining the AAA server in charge of a particular 
session for the user and even less the solution of including a realm identifier identifying 
said AAA server in the master session identity. 

Therefore, claim 23 as presently on file is novel and inventive over Faccin's 
teaching. 

Therefore, the Applicants respectfully request the allowance of independent 
claims 1, 11, 16, and 23 and dependent claims 2-10, 12-15, and 17-22. 

4.) Conclusion 

In view of the foregoing remarks, the Applicants believe all of the claims currently 
pending in the Application to be in a condition for allowance. The Applicants, therefore, 
respectfully request that the Examiner withdraw all rejections and issue a Notice of 
Allowance for claims 1-23. 

The Applicants request a telephonic interview if the Examiner has any questions 
or requires any additional information that would further or expedite the prosecution of 
the Application. 



Ericsson Inc. 

6300 Legacy Drive, M/S EVR 1-C-11 
Plano, Texas 75024 

(972) 583-1572 
steve.xl.smith@ericsson.com 